1. Technical Field
The present invention relates to a method for foiling cellular telephone cloning by utilizing a multi-digit number (e.g., a local telephone number other than the subscriber's telephone number and identification code) to verify legitimate subscribers of a cellular communications network.
2. Discussion of Prior Art
Cellular telephones, especially automobile cellular telephones, have come to provide a widespread method of communication. Unfortunately, this modern method of communication has been subjected to increased thefts of service thereby creating large financial losses for the cellular telephone companies. Periodically during operation, each cellular telephone must transmit a mobile identification number (MIN) identifying the cellular network to which the cellular telephone belongs (i.e. Cellular One, Bell Atlantic, etc.) and an electronic serial number (ESN) identifying the particular cellular telephone in order for a call to commence. These identification numbers are commonly unlawfully intercepted during transmission in order to be inserted into semiconductor chips and placed in new telephones forming what are known as "clones". These clones are capable of initiating countless telephone calls over the cellular network, thereby causing exorbitant fees to be charged to the subscriber whose identification numbers had been intercepted. The clones are indistinguishable from legitimate subscribers and are not detected until a subscriber receives an inordinate bill from his or her cellular telephone company. Since cellular telephone companies typically do not require subscribers to pay for calls made by the clones, the cellular telephone companies absorb the cost of the stolen service.
The prior art has developed several methods to prevent such thefts. Specifically, Cellular One has developed a fraud protection feature utilizing personal identification numbers (PIN) to enable the fraud protection feature when the cellular telephone is not in use and to disable the fraud protection feature during outgoing calls. The fraud protection feature does not require the PIN to be entered for every call and allows for incoming calls when the fraud protection feature is enabled. Further, other prior art uses of PINs include verification of subscribers by having the subscriber dial the PIN as part of every telephone call.
Hodges et al (U.S. Pat. No. 5,420,908) disclose a method for preventing wireless fraud by utilizing a shared key to complete a proper authenticating response to verify legitimate subscribers of a communication network. The shared key is not broadcast and therefore cannot be intercepted.
Flanders et al (U.S. Pat. No. 5,239,294) disclose an authentication method whereby a first I.D. (such as a serial number) is modified by using a second (personal identification number) and third (random number) I.D. as enciphering keys. The first I.D. is known to both fixed and mobile units. The mobile unit further maintains a count of the number of outgoing calls and sends the count and the modified first I.D. to the fixed unit. The fixed unit performs the same enciphering on the data received from the mobile unit and determines if the serial number of the mobile unit is valid.
Raith (U.S. Pat. No. 5,237,612) discloses an authentication algorithm utilizing a fixed and changeable key to verify subscribers in a communication network. The authentication algorithm generates responses based on signals from both the communication network and mobile subscriber for comparison to verify valid subscribers.
Reeds III et al (U.S. Pat. No. 5,204,902) disclose an authentication method whereby a mobile unit is assigned a secret code by a service provider and generates a shared secret field. In response to the mobile unit entering a cell of a base station, the mobile unit generates an authentication string to transmit to the base station. The base station consults the service provider to verify the mobile unit, and when the mobile unit is verified, the service provider sends the secret data field to the base station to authenticate and communicate with the mobile unit utilizing the secret data field.
The prior art suffers from several disadvantages. Personal identification numbers (PIN) are typically only four digits in length thereby providing for easy recognition and deciphering with the aid of a computer. The four digit PIN can only handle a limited number of subscribers inevitably requiring expansion of the PIN as the number of subscribers increase. The recurring expansion of the PIN causes inconveniences to subscribers and incurs costs as new PINs typically require a rework of the databases for storing the PINs and a redistribution of the PINs. Further, since the PIN is four digits, the PIN cannot be stored in the cellular telephone memory due to the PIN containing less digits than a typical telephone number. In addition, the PIN may not be appended to a telephone number as an appended PIN may be construed as a new area code or part of an international call. As a consequence, the subscriber is required to remember the cellular PIN along with other PINs the subscriber may already possess for credit cards and bank machines thereby causing a major burden to the subscriber and possible subsequent declines in cellular telephone usage and enrollment. A further complication in utilizing PINs is the recommendation of security experts that the PIN include at least ten digits for adequate security thereby placing the burden on subscribers to remember and enter such a long PIN. Moreover, PINs are used only for a specific cellular network and do not prevent telephone service theft when a clone communicates with another cellular network.
PINs are inconvenient and expensive since subscribers may be forced to enter the PIN as part of every call in certain security schemes and widespread implementation of PINs by cellular telephone companies requires substantial investment typically exceeding the costs of implementing the present invention. Further, subscribers traveling to an area covered by a non-local cellular network must transmit the PIN and other call information to the non-local cellular network where the information is transmitted to the long distance carrier and/or local cellular network for verification thereby giving thieves a greater chance of intercepting and recognizing the PIN and other pertinent information in order to fabricate clones. In order to avoid re-transmission of the information to the long distance carrier and/or local cellular network, the local cellular telephone companies need to maintain separate databases for local and non-local subscribers thereby requiring agreements between the cellular telephone companies who are reluctant to enter such agreements. Further, the additional databases typically may raise database management problems (i.e. validation, set-up, updating, etc.).
Yet another disadvantage of the prior art includes the extra time, effort, expense and labor to implement and maintain authentication algorithms to verify responses based on encryption keys.